monitor and secure your Private cloud with a platform based in your data center.

Private clouds are flexible and scalable, and leverage your existing infrastructure. But a lack of packet-level visibility can complicate things considerably. Without the ability to monitor traffic between virtual machines (VMs) in your private cloud, your security and performance management tools lack the critical data they need to identify attackers and prevent network outages.

When it comes to private cloud environments, eliminating these risky virtual blind spots is critical to protecting your virtual infrastructure. Instead of the pay-as-you-go approach to visibility offered by CloudLens SaaS, CloudLens Self-Hosted runs in your data center — enabling you to supply your monitoring tools with critical packet data from the cloud, even when you are offline.

What You Get

  • Compatibility
  • Virtual Tapping
  • Virtual Processing
  • Ultimate Flexibility
  • Hypervisor Logos

    pick a hypervisor, Any hypervisor

    With support for leading hypervisors such as OpenStack KVM, VMware ESXi and NSX, and Microsoft Hyper-V, CloudLens Self-Hosted enables complete visibility into all your private cloud deployments via a single management interface.

    Moreover, CloudLens Self-Hosted can be vSwitch/router-agnostic (VSS, vDS) — giving you even more flexibility into how you deploy the platform.

  • CloudLens Self-Hosted - vTap to Physical NPB

    capture inter-vm traffic with vtap

    Packet data traveling between VMs is notoriously difficult to capture. However, CloudLens Self-Hosted captures this east-west traffic with its proprietary vTap capability. The platform can virtually tap both inline and out-of-band (OOB) traffic in two modes:

    1. Tap only: copies and forwards data, similar to a physical tap,
    2. Tap and filter: copies data and filters it with basic Layer 2 to Layer 4 criteria, so only relevant data is forwarded

    Additionally, Cloud Sensor vTaps can access network traffic in environments where your administrators have limited or no hypervisor access, such as with Microsoft Azure Stack. This enables you to achieve true hypervisor-agnostic visibility, since you can run CloudLens vTap sensors in your virtual workloads, filter the tapped traffic with L2 to L4 criteria, and forward packet data to any available interface with GRE tunneling.

    As with any Ixia product, management is simple. The easy-to-use CloudLens Sensor Management Platform integrates seamlessly with the CloudLens GUI — enabling you to deploy sensors wherever you need them, even in secure environments or without internet access.

  • CloudLens Self-Hosted Virtual Processing

    save bandwidth and Reduce latency by filtering at the source

    Packet-level cloud visibility makes your tools better, but more data isn't always the answer. Security tools rely on timely, contextual intelligence — and unfiltered packet data can easily lead to false positives or undetected intrusions. While many tools offer intelligent filtering themselves, CloudLens is more efficient. That reduces costs while enabling you to maximize your existing security and monitoring investments.

    The only platform that aggregates, filters, and processes packets virtually, CloudLens Self-Hosted offers Ixia's industry-leading visibility intelligence, including NetStackPacketStack, and AppStack

    With NetStack, you can aggregate, load-balance, and filter traffic with L2 to L4 criteria — similar to what a physical packet broker can offer, but as a set of software agents deployed on your private cloud infrastructure. From there, you can utilize PacketStack and AppStack for more advanced capabilities such as de-duplication, header stripping, signature-based application detection, geolocation, Layer 7-based filtering, threat detection, and NetFlow generation.

  • CloudLens Self Hosted - Architecture Integration

    easily adaptable for multiple architectures

    Because it deploys and runs in your data center, CloudLens Self-Hosted is flexible. This enables you to select the right approach to get the right data to your security and monitoring tools.

    Route A

    • Send tapped traffic directly to virtual tools
    • Send L2 to L4 filtered traffic to virtual tools
    • Send virtually processed, brokered packets to virtual tools

    Route B

    • Send tapped traffic directly to physical tools
    • Send L2 to L4 filtered traffic to physical tools
    • Send virtually processed, brokered packets to physical tools

    Route C

    • Send tapped traffic directly to a physical network packet broker, which aggregates, processes, and sends it to tools
    • Send L2-L4 filtered traffic to a physical network packet broker, which then aggregates, processes, and sends it to tools

 

Elastic Scale Icon

Elastic Scale

 

Data Access Anywhere

DATA access any time, anywhere

 

Multi-Platform

Multi-platform capable

 

East West Traffic

The Risk of Blind Spots in Inter-VM Traffic

A limited view of network traffic makes troubleshooting application performance and network security nearly impossible. Since it's difficult to capture packet data flowing between VMs on the same server, virtual systems like cloud environments are tempting targets for attackers to exploit.

When you need to capture this hard-to-reach data, CloudLens Self-Hosted bridges the gap between your virtual and physical networks — protecting your cloud by extending complete visibility to your virtualized environments and inter-VM traffic.

Easy to install and use

How easy is it to start using CloudLens?

Watch as one of our senior product managers, Christophe Olivier, configures vTap — enabling private cloud visibility in just a matter of minutes!

CloudLens Containers + Kubernetes Visibility

CONTAINERS AND KUBERNETES: VISIBILITY THROUGH CLOUDLENS

CloudLens is the first and only solution to deliver packet visibility into containers and Kubernetes clusters across cloud platforms including AWS Elastic Container Service for Kubernetes (EKS), Azure Kubernetes Service (AKS) and Google Kubernetes Engine (GKE).

Discover how to maximize your APM, NPM, and security tools by establishing packet visibility into your workloads in container-based environments and Kubernetes clusters!
 

Visibility Intelligence

Not only does CloudLens Self-Hosted enable you to capture packet data in your private clouds, it also offers industry-leading virtual packet processing and advanced, Layer 7-based application filtering. Unlike other cloud visibility solutions, we do not require you to backhaul traffic to a physical device (however, we provide the option to do so).

Discover how Ixia’s leading visibility intelligence features can optimize your traffic analysis and security tool performance in physical and cloud environments!

To learn more, click on each stack.

NetStack Icon

NETStack

Robust filtering, aggregation, replication, and more

  • L2- L4 filtering
  • Source port labeling (VLAN tagging & untagging)
  • Aggregation & replication
  • Load balancing
PacketStack Icon

PacketStack

Intelligent packet filtering, manipulation, and transport

  • Deduplication
  • Header (protocol) stripping
  • Packet trimming
  • Data masking
  • GRE tunneling
Gray215Secure

SecureStack capabilities are not available for this network packet broker or this platform at this time — visit the page to learn more.

SecureStack

Optimized handling for secure traffic

  • Active SSL
  • Passive SSL decryption
  • Threat insights
  • Data masking +
AppStack Icon

AppStack

Context-aware, signature-based application layer filtering

  • Application identification
  • Geolocation & tagging
  • Optional RegEx filtering
  • IxFlow (NetFlow + metadata)
  • Packet capture
  • Real-time dashboard
MobileStack Icon

MobileStack

Visibility intelligence tailored for the mobile carrier evolved packet core

  • GTP correlation
  • GTP load balancing
  • Subscriber filtering
TradeStack Icon

TradeStack capabilities are not available for this network packet broker or this platform at this time — visit the page to learn more.

TradeStack

Marked data feed monitoring

  • Gap detection
  • Feed and channel health
  • High-resolution traffic statistics
  • Microburst detection
  • Subscription for feed updates
  • Simplified feed management